Modify

Opened 5 years ago

Last modified 4 years ago

#1339 infoneeded bug

OpenVPN stopped working under 2.3.7.1

Reported by: Ariel <ariel@…> Owned by:
Priority: normal Milestone:
Component: fon-plugin-openvpn Version: 2.3.7.1 (Paco Jr)
Severity: unknown
Cc: Hardware: 2.0n (FON2300)

Description

I’ve upgraded my Fonera 2.0n to both the release and the dev version of 2.3.7.1 and I can’t manage to get my OpenVPN working. With 2.3.7.0 it was working perfectly. I can see the configuration is there, both the Fonera and the clients but clients can't connect. Thank you.

Attachments (0)

Change History (5)

comment:1 Changed 5 years ago by matthijs

  • Status changed from new to infoneeded

Weird, nothing should have changed in OpenVPN with the 2.3.7.1 upgrade.

When you say "can't manage to get it working", you mean that even if you add new client in the webinterface it doesn't work? Or are you saying that clients set up before the upgrade don't work anymore after the new upgrade?

In any case, where do problems occur exactly? When adding new clients, or when connecting? Is there any error message from OpenVPN?

comment:2 Changed 5 years ago by Ariel <ariel@…>

Hi. Thanks for picking up on this.

I was very vague in my description, you are right. What I did is just uprading the firmware and trying to connect to OpenVPN. The clients (Tunnelblick and OpenVPN Connect) both get stuck on "Waiting for server response".

On the web interface I can see both clients configured. I haven't removed the certificates and created new ones after I've upgraded the firmware, I'm using the previously configured ones.

I've installed 2.3.7.1 dev, SSHd the Fonera but can't see anything on the logs while a client is trying to connect.

Nothing has changed on my firewall. IPSec is enabled on the Fonera's web interface.

Please let me know if I can provide more information. Thank you.

comment:3 Changed 5 years ago by Ariel <ariel@…>

Hi. Was wondering if there were any news on this ticket. I've tried to generate the certificates again, install them on the devices but it doesn't work, VPN won't connect. Thank you.

comment:4 Changed 5 years ago by matthijs

I just tried this:

  • Flash 2.3.7.0
  • Do a factory reset
  • Enable OpenVPN and create a client
  • Upgrade to 2.3.7.1

Then, connections still work normally, so at least this is not totally broken.

I presume this is something specific to your environment. Perhaps you can give me a dump of your Fonera internals so I can investigate and perhaps try to recreate your Fonera's state here?

To do so, run:

root@Fonera:~# tar -czf /tmp/jffs.tar.gz /jffs/

This creates a file called /tmp/jffs.tar.gz with a fairly complete dump of all of your Fonera's settings and files. This includes private details like your wifi password and OpenVPN keys. If you're okay with sharing those with me, please send them to matthijs.kooijman@….

comment:5 Changed 4 years ago by anonymous

Me too!

Existing clients before upgrade, and any new ones added - both don't work anymore. Although I never used openvpn often, it was a lifesaver a few times when I did. Hence not sure that it was this version that caused it but bug raiser reckons here so I'll agree..

Still broken in 2.3.8.0 beta.

I emailed Fonera support about it ages ago (2014) but got a very unsatisfactory reply, I think because I'd tried to regenerate some keys myself. The Web ui just forever says "Generating keys..." (maybe a slight paraphrase) for all of my clients I added and never changes even hours after a fresh reboot.

Tried turning off and on and recreating stuff, but no avail. I DO have time to report file contents/command output if you request what you need (and will anonymise first if I can see anything looking like a key or am told where to clean it out). Unfortunately I don't have time to check more into openvpn workings via their docs and figure out which bit is failing myself (also unsure what differences there might be for Fonera/open wrtg thingummy version).

Could this be at all related to a port-forwarding issue I'm having with newest version too (2.3.8 beta, maybe 2.3.7.x too)

Add Comment

Modify Ticket

Action
as infoneeded The ticket will remain with no owner.
Author


E-mail address and user name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.